diff --git a/config/globals.nix b/config/globals.nix
index 6977146..7c64ec5 100644
--- a/config/globals.nix
+++ b/config/globals.nix
@@ -23,8 +23,9 @@
 services = {
 forgejo = {
- home = "/var/lib/services/forgejo";
+ home = "/var/lib/forgejo";
 url = "govel.porzh.me";
+ user = "git";
 port = 3000;
 };
 goaccess = {
diff --git a/modules/services/forgejo.nix b/modules/services/forgejo.nix
index ad0fb13..0cee315 100644
--- a/modules/services/forgejo.nix
+++ b/modules/services/forgejo.nix
@@ -3,23 +3,23 @@ let
 globals = import ../../config/globals.nix;
 in {
 # --- Utilisateur dédié ---
- users.users.git = {
+ users.users.${globals.services.forgejo.user} = {
 isSystemUser = true;
- home = "/var/lib/forgejo";
+ home = globals.services.forgejo.home;
 shell = pkgs.bash;
- group = "git";
+ group = globals.services.forgejo.user;
 };
- users.groups.git = {};
+ users.groups.${globals.services.forgejo.user} = {};
 # --- Forgejo ---
 services = {
 forgejo = {
 enable = true;
- user = "git";
- group = "git";
+ user = globals.services.forgejo.user;
+ group = globals.services.forgejo.user;
 database = {
 type = "sqlite3";
- path = "/var/lib/forgejo/data/gitea.db";
+ path = "${globals.services.forgejo.home}/data/gitea.db";
 };
 settings = {
 server = {
@@ -27,7 +27,6 @@ in {
 ROOT_URL = "https://${globals.services.forgejo.url}/";
 SSH_DOMAIN = globals.services.forgejo.url;
 HTTP_PORT = globals.services.forgejo.port;
- SSH_PORT = 22;
 START_SSH_SERVER = false;
 };
 service = {
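Review bot: The `services.forgejo` block in the `-3,23 +3,23` hunk never sets `stateDir`, so the service keeps its state at the module default while the account home and `database.path` now follow `globals.services.forgejo.home`. The two agree only as long as the global stays `/var/lib/forgejo`; if it is changed, the SQLite path and the home of the `git` account (where Forgejo presumably maintains its `authorized_keys` when `START_SSH_SERVER = false`) would point at a directory the service does not own. Adding `stateDir = globals.services.forgejo.home;` next to `enable = true;` would tie them together. A short comment on `shell = pkgs.bash;` saying that the login shell is kept only so Git-over-SSH forced commands can run would also help the next reader. The `services` block continues outside the hunk.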
@@ -49,22 +48,5 @@ in {
 };
 };
 };
-
- # --- Ouvrir les ports nécessaires ---
- networking.firewall = {
- allowedTCPPorts = [80 443 2222];
- interfaces."eth0".allowedTCPPorts = [22];
- };
- # --- Pour que Forgejo génère les bonnes URLs Git ---
- # networking.hostName = "git"; # non strictement obligatoire
-
- # --- Optionnel : config DNS ---
- # git.lomig.me -> ton IP publique (ou IP locale si LAN)
-
- # --- Pour te cloner un dépôt : ---
- # git clone git@git.lomig.me:lomig/nom-du-repo.git
-
- # --- Astuce : génère une paire de clés pour l’accès SSH Git ---
- # ssh-keygen -t ed25519 -f ~/.ssh/id_git_forgejo
- # puis ajoute la clé publique dans ton compte Forgejo
+ networking.firewall.allowedTCPPorts = [80 443 22 ];
 }
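Review bot: Port 22 is now opened on every interface by `networking.firewall.allowedTCPPorts = [80 443 22 ];`, whereas the removed block allowed it only through `interfaces."eth0".allowedTCPPorts = [22];`. Because this module sets `START_SSH_SERVER = false`, that port is presumably served by the host's own sshd, so the change widens exposure of administrative SSH as well as Git access. If the per-interface restriction was intentional, keep `networking.firewall.interfaces."eth0".allowedTCPPorts = [22];` and leave 22 out of the global list. Otherwise add a comment stating that 22 is deliberately public and that sshd accepts keys only. Ports 80 and 443 look like they belong to the reverse proxy rather than to Forgejo, so opening them where the proxy is configured would keep this module's firewall footprint easier to audit.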